package com.example.springboot.oauth2.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

/**
 * Created by wuning at 2018/8/30 10:39
 **/
@RestController
@RequestMapping("/secure")
public class SecureUserController {

    @PreAuthorize("hasRole('ROLE_USER')")//只允许user角色访问
    @RequestMapping(value="/u", method = RequestMethod.GET)
    public String sayHello() {
        return "Secure Hello access to rose user !>>>"+System.currentTimeMillis();
    }

    @PreAuthorize("hasAnyRole('ROLE_ANONYMOUS','ROLE_USER')")//允许user,anonymous角色访问
    @RequestMapping(value="/to", method = RequestMethod.GET)
    public String saySomething() {
        return "Secure saySomething access to >>>"+System.currentTimeMillis();
    }
}
